luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
16,303 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

75 Commits

Author SHA1 Message Date
Laura Bennett eb75afe54d minor edit for error statement 2016-07-25 13:29:57 -04:00
Laura Bennett 7e29cf1cae edits based on comments in PR 2016-07-25 09:46:10 -04:00
Laura Bennett 395f052870 minor error correction 2016-07-24 22:35:54 -04:00
Laura Bennett 9ea1c8b801 initial commit for nonAssignablePolicies 2016-07-24 22:27:41 -04:00
Jeff Mitchell 9f6c5bc02a cubbyhole-response-wrapping -> response-wrapping 2016-06-10 13:48:46 -04:00
Jeff Mitchell c4431a7e30 Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors 2016-05-16 16:11:33 -04:00
Jeff Mitchell c52d352332 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-07 16:40:04 -04:00
Jeff Mitchell 6f7409bb49 Slightly nicer check for LRU in policy store 2016-05-02 22:36:44 -04:00
Jeff Mitchell fe1f56de40 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
Jeff Mitchell 8572190b64 Plumb disabling caches through the policy store 2016-05-02 22:36:44 -04:00
Jeff Mitchell aba689a877 Add wrapping through core and change to use TTL instead of Duration. 2016-05-02 00:47:35 -04:00
Jeff Mitchell 1394555a4d Add listing of cubbyhole's root to the default policy. 
This allows `vault list cubbyhole` to behave as expected rather than
requiring `vault list cubbyhole/`. It could be special cased in logic,
but it also serves as a model for the same behavior in e.g. `generic`
mounts where special casing is not possible due to unforeseen mount
paths.
 2016-02-03 13:50:47 -05:00
Jeff Mitchell b830e29449 Use capabilities rather than policies in default policy. Also add cubbyhole to it. 2016-01-16 18:02:31 -05:00
Jeff Mitchell 2412c078ac Also convert policy store cache to 2q. 
Ping #908
 2016-01-07 09:26:08 -05:00
Jeff Mitchell d6693129de Create a "default" policy with sensible rules. 
It is forced to be included with each token, but can be changed (but not
deleted).

Fixes #732
 2015-11-09 15:44:09 -05:00
Jeff Mitchell 7aa3faa626 Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 12:07:42 -05:00
Jeff Mitchell c460ff10ca Push a lot of logic into Router to make a bunch of it nicer and enable a 
lot of cleanup. Plumb config and calls to framework.Backend.Setup() into
logical_system and elsewhere, including tests.
 2015-09-10 15:09:54 -04:00
Armon Dadgar 03be7a5999 vault: upgrade old policies with implicit glob 2015-07-05 19:14:15 -06:00
Armon Dadgar 512b3d7afd vault: Adding metrics profiling 2015-04-08 16:43:17 -07:00
Armon Dadgar a8d4319ad5 vault: Update LRU on GetPolicy 2015-04-06 16:43:05 -07:00
Armon Dadgar f022ec97c4 vault: Adding policy LRU cache 2015-04-06 16:41:48 -07:00
Armon Dadgar 28bc849fd9 vault: Attach policy name if missing 2015-04-01 17:45:00 -07:00
Armon Dadgar 43a99aec93 vault: Special case root policy 2015-03-24 11:27:21 -07:00
Armon Dadgar 6e22ca50eb vault: integrate policy and token store into core 2015-03-18 14:00:42 -07:00
Armon Dadgar 51ce336753 vault: Adding PolicyStore 2015-03-18 12:17:03 -07:00